Server 2012 DC to Server 2022 DC KB ID 0001790
Problem
I get asked about this quite a lot. In the past most of the queries were about moving from Server 2008 to Server 2022, if that’s what you are after then simply go here. This article is purely for the introduction of, and migration to Windows Server 2022 Domain Controllers. And it assumes your current domain controllers are Windows server 2012 (or 2012 R2).
Adding a Server 2022 Domain Controller
Once you have a Windows Server 2022 box stood up and fully updated, ensure it is added to the domain as a member server. Then from Server Manager > Manage > Add roles and features.
Next > Next > Next Next > Select “Active Directory Domain Services” > When prompted select ‘yes‘ to add the required services.
Next > Next > Next > Install > Close.
Click the ‘Warning Triangle‘ > Promote this server to a domain controller.
Next.
Enter the DSRM Password > Next.
That’s fine (if you’re worried see the link below) >Next.
Windows – A Delegation For This DNS Server Cannot Be Created
Next.
I’m accepting the default AD install locations > Next.
Next (forestprep and domainprep is all done for you now).
Next.
Install.
When complete the server will reboot.
View Server 2022 Domain Controller
You should now see the new domain controller listed in Active Directory
At this point I’m moving all the FSMO roles to the new Windows 2022 server.
Windows Server – Locating, Transferring, and Seizing FSMO Roles
Demoting the 2012 Domain Controller(s)
WARNING: Before proceeding, make sure anything on your network that may be using this server for DNS has been pointed to your new domain controllers. Don’t forget to change the DNS servers that are being distributed via DHCP, (update your DHCP scopes). And change your new domain controllers to look at themselves for DNS not the domain controller(s) you are about to demote!
Over on your 2012 domain controller > Server manager > Manage > Remove roles and features.
Next > Untick ‘Active Directory Domain Services’ > Demote this domain controller > Next.
Tick ‘Proceed with removal‘ > Next.
Untick ‘Remove DNS delegation’ > Next.
Set a new local administrator password for this server to use after it has been demoted (as it will be a member server at that point). You can of course still log into it as the domain admin. > Next > Demote.
When complete, the server will reboot.
You can now (if you wish raise your domain functional level). Note: Check you meet all the prerequisites for doing so, personally I rarely update them until I have a specific need to do so.
Once you are confident all your domain controllers in the domain have replicated, you can then update the forest functional level if you wish to do so.
Related Articles, References, Credits, or External Links
NA